- Видео 138
- Просмотров 16 940
Zaheer Nazir
Саудовская Аравия
Добавлен 26 авг 2023
Aspiring to become World's best cybersecurity expert |
Senior Solutions Architect |
Speaker |
Protecting the digital world one byte at a time |
Follow for top-notch security insight
#NYUCyberFellow
#AcadmicAwardWinner
#cybersecurity
#TechLeader
Subscribe to my RUclips channel for daily videos.
Senior Solutions Architect |
Speaker |
Protecting the digital world one byte at a time |
Follow for top-notch security insight
#NYUCyberFellow
#AcadmicAwardWinner
#cybersecurity
#TechLeader
Subscribe to my RUclips channel for daily videos.
Session Management : Web Application Pentesting : TryHackMe : 2.1
Session Management : Web Application Pentesting : TryHackMe : 2.1
Session Management
Learn about session management and the different attacks that can be performed against insecure implementations.
00:00:26 Securing the Session Lifecycle
00:01:17 Weak Session Values
00:02:47 Controllable Session Values
00:03:28 Session Fixation
00:04:01 Insecure Session Transmission
00:06:41 Authorization Bypass
00:10:15 Insufficient Logging
00:12:04 Session Expiry
00:16:01 Session Termination
0021:41 Exploiting Insecure Session Management
00:21:15 Enumeration
00:34:19 What is the username of the student with the name X?
00:36:28 How many lecturers are registered on the application?
00:36:28 Trying to Find the number of ...
Session Management
Learn about session management and the different attacks that can be performed against insecure implementations.
00:00:26 Securing the Session Lifecycle
00:01:17 Weak Session Values
00:02:47 Controllable Session Values
00:03:28 Session Fixation
00:04:01 Insecure Session Transmission
00:06:41 Authorization Bypass
00:10:15 Insufficient Logging
00:12:04 Session Expiry
00:16:01 Session Termination
0021:41 Exploiting Insecure Session Management
00:21:15 Enumeration
00:34:19 What is the username of the student with the name X?
00:36:28 How many lecturers are registered on the application?
00:36:28 Trying to Find the number of ...
Просмотров: 5
Видео
Session Management : Web Application Pentesting : 2.0
Просмотров 7416 часов назад
Session Management : Web Application Pentesting : TryHackMe : 2.0 Session Management Learn about session management and the different attacks that can be performed against insecure implementations. 00:03:34 Session Management 00:06:15 What is Session Management? 00:07:57 Session Creation 00:12:20 Session Tracking 00:13:47 Session Expiry 00:15:02 Session Termination 00:18:12 Authentication vs Au...
Pickle Rick : Web Fundamentals : TryHackMe : Walkthrough : 2025
Просмотров 1419 часов назад
Pickle Rick A Rick and Morty CTF. Help turn Rick back into a human! 00:00:20 Enumeration 00:05:34 Installing seclists from snap 00:12:03 Using gobuster to find dirtories and pages 00:14:36 Trying to find a way to read first flag file 00:17:49 What is the first ingredient that Rick needs? 00:21:24 Trying to find second flag 00:24:00 Reverseshell to get the flag 00:28:45 What is the second ingred...
OWASP Top 10 2021 : Web Fundamentals : TryHackMe : SSRF : Part 6
Просмотров 27День назад
OWASP Top 10 2021 : Web Fundamentals : TryHackMe : SSRF : Part 6 tryhackme.com/r/room/owasptop102021 What IP address is the attacker using? What kind of attack is being carried out? Explore the website. What is the only host allowed to access the admin area? Check the "Download Resume" button. Where does the server parameter point to? Using SSRF, make the application send the request to your At...
OWASP Top 10 2021 : Web Fundamentals : TryHackMe : Data Integrity Failures : Part 5
Просмотров 23День назад
OWASP Top 10 2021 : Web Fundamentals : TryHackMe : Data Integrity Failures : Part 5 tryhackme.com/r/room/owasptop102021 What is the flag that you found in darren's account? Now try to do the same trick and see if you can log in as arthur. What is the flag that you found in arthur's account? What is the name of the website's cookie containing a JWT token? Use the knowledge gained in this task to...
OWASP Top 10 2021 : Web Fundamentals : TryHackMe : Security Misconfiguration: Part 4
Просмотров 25День назад
OWASP Top 10 2021 : Web Fundamentals : TryHackMe : Security Misconfiguration: Part 4 tryhackme.com/r/room/owasptop102021 What is the database file name (the one with the .db extension) in the current directory? Modify the code to read the contents of the app.py file, which contains the application's source code. What is the value of the secret_flag variable in the source code? What is the conte...
Doctor : HackTheBox : walkthrough : 1.0
Просмотров 2214 дней назад
Doctor : HackTheBox : walkthrough : 1.0 About Doctor Doctor is an easy machine that features an Apache server running on port 80. Users can identify a virtual host on the main webpage, and after adding it to their hosts file, acquire access to the `Doctor Messaging System`. The system is found to be vulnerable to Server Side Template Injection, and successful exploitation of the vulnerability r...
OWASP Top 10 2021 : Web Fundamentals : TryHackMe : Insecure Design : Part 3
Просмотров 3314 дней назад
OWASP Top 10 2021 : Web Fundamentals : TryHackMe : Insecure Design : Part 3 tryhackme.com/r/room/owasptop102021 OWASP Top 10 - 2021 Learn about and exploit each of the OWASP Top 10 vulnerabilities; the 10 most critical web security risks. What is the value of the flag in joseph's account? #owasp #owasptop10 #tryhackme #insecure #design
OWASP Top 10 2021 : Web Fundamentals : TryHackMe : Part 2
Просмотров 4214 дней назад
OWASP Top 10 2021 : Web Fundamentals : TryHackMe : Part 2 tryhackme.com/r/room/owasptop102021 OWASP Top 10 - 2021 Learn about and exploit each of the OWASP Top 10 vulnerabilities; the 10 most critical web security risks. Have a look around the web app. The developer has left themselves a note indicating that there is sensitive data in a specific directory. What is the name of the mentioned dire...
OWASP Top 10 2021 : Web Fundamentals : TryHackMe : Part 1
Просмотров 13614 дней назад
OWASP Top 10 2021 : Web Fundamentals : TryHackMe : Part 1 tryhackme.com/r/room/owasptop102021 OWASP Top 10 - 2021 Learn about and exploit each of the OWASP Top 10 vulnerabilities; the 10 most critical web security risks. Look at other users' notes. What is the flag? #owasp #owasptop10 #tryhackme
Communication protocols : Advent of Cyber 2024 : TryHackMe : Day24
Просмотров 2321 день назад
Communication protocols : Advent of Cyber 2024 : TryHackMe : Day24 Day 24: You can’t hurt SOC-mas, Mayor Malware! tryhackme.com/r/room/adventofcyber2024 Advent of Cyber 2024 Dive into the wonderful world of cyber security by engaging in festive beginner-friendly exercises every day in the lead-up to Christmas! What is the flag? #adventofcyber #tryhackme #day24 #protocols
Hash cracking : Advent of Cyber 2024 : TryHackMe : Day23
Просмотров 3321 день назад
Hash cracking : Advent of Cyber 2024 : TryHackMe : Day23 Day 23: You wanna know what happens to your hashes? tryhackme.com/r/room/adventofcyber2024 Advent of Cyber 2024 Dive into the wonderful world of cyber security by engaging in festive beginner-friendly exercises every day in the lead-up to Christmas! Crack the hash value stored in hash1.txt. What was the password? What is the flag at the t...
Kubernetes DFIR : Advent of Cyber 2024 : TryHackMe : Day22
Просмотров 1628 дней назад
Kubernetes DFIR : Advent of Cyber 2024 : TryHackMe : Day22 Day 22: It's because I'm kubed, isn't it? tryhackme.com/r/room/adventofcyber2024 Advent of Cyber 2024 Dive into the wonderful world of cyber security by engaging in festive beginner-friendly exercises every day in the lead-up to Christmas! What is the name of the webshell that was used by Mayor Malware? What file did Mayor Malware read ...
Reverse engineering : Advent of Cyber 2024 : TryHackMe : Day21
Просмотров 3428 дней назад
Reverse engineering : Advent of Cyber 2024 : TryHackMe : Day21 Day 21: HELP ME...I'm REVERSE ENGINEERING! tryhackme.com/r/room/adventofcyber2024 Advent of Cyber 2024 Dive into the wonderful world of cyber security by engaging in festive beginner-friendly exercises every day in the lead-up to Christmas! What is the function name that downloads and executes files in the WarevilleApp.exe? Once you...
Traffic analysis : Advent of Cyber 2024 : TryHackMe : Day20
Просмотров 1228 дней назад
Traffic analysis : Advent of Cyber 2024 : TryHackMe : Day20
Game Hacking with Frida : Advent of Cyber 2024 : TryHackMe : Day19
Просмотров 39Месяц назад
Game Hacking with Frida : Advent of Cyber 2024 : TryHackMe : Day19
AI Prompt Injection : Advent of Cyber 2024 : TryHackMe : Day18
Просмотров 29Месяц назад
AI Prompt Injection : Advent of Cyber 2024 : TryHackMe : Day18
Log analysis : Advent of Cyber 2024 : TryHackMe : Day17
Просмотров 9Месяц назад
Log analysis : Advent of Cyber 2024 : TryHackMe : Day17
Azure Vault Secrets : Advent of Cyber 2024 : TryHackMe : Day16
Просмотров 8Месяц назад
Azure Vault Secrets : Advent of Cyber 2024 : TryHackMe : Day16
Active Directory : Advent of Cyber 2024 : TryHackMe : Day15
Просмотров 21Месяц назад
Active Directory : Advent of Cyber 2024 : TryHackMe : Day15
Certificate mismanagement : Advent of Cyber 2024 : TryHackMe : Day14
Просмотров 20Месяц назад
Certificate mismanagement : Advent of Cyber 2024 : TryHackMe : Day14
Websockets : Advent of Cyber 2024 : TryHackMe : Day13
Просмотров 45Месяц назад
Websockets : Advent of Cyber 2024 : TryHackMe : Day13
Web timing attacks : Advent of Cyber 2024 : TryHackMe : Day12
Просмотров 40Месяц назад
Web timing attacks : Advent of Cyber 2024 : TryHackMe : Day12
Wi-Fi Attacks : Advent of Cyber 2024 : TryHackMe : Day11
Просмотров 57Месяц назад
Wi-Fi Attacks : Advent of Cyber 2024 : TryHackMe : Day11
Phishing: Advent of Cyber 2024 : TryHackMe : Day10
Просмотров 21Месяц назад
Phishing: Advent of Cyber 2024 : TryHackMe : Day10
GRC: Advent of Cyber 2024 : TryHackMe : Day9
Просмотров 28Месяц назад
GRC: Advent of Cyber 2024 : TryHackMe : Day9
Shellcodes : Advent of Cyber 2024 : TryHackMe : Day8
Просмотров 14Месяц назад
Shellcodes : Advent of Cyber 2024 : TryHackMe : Day8
AWS Log Analysis : Advent of Cyber 2024 : TryHackMe : Day7
Просмотров 33Месяц назад
AWS Log Analysis : Advent of Cyber 2024 : TryHackMe : Day7
Sandboxes : Advent Of Cyber 2024 : TryHackMe : Day 6
Просмотров 76Месяц назад
Sandboxes : Advent Of Cyber 2024 : TryHackMe : Day 6